{"product_id":"identity-and-access-management-training","title":"Building an SSO Federated IAM System","description":"\u003cdiv\u003e\u003cp\u003eThis course will immerse you in a modern Identity and Access Management (IAM) practical Hands-On experience, so you will strengthen your organization’s access to critical resources.  You will implement trust by building a Public Key Infrastructure (PKI) hierarchy and an on-premises Federated Single Sign On (SSO) system with Microsoft Identity Provider (IdP). You will learn the impact of Artificial Intelligence (AI) on IAM systems and on Zero Trust context. You will select appropriate authenticating environments, such as Workload and Workforce identities and Open Authorization (OAuth) to secure API access. You will also build an identity attribute mapping and synchronization system, with a central Share Point management solution. You will discover how Kubernetes implements IAM and federates to external APIs.\u003c\/p\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eBuilding an SSO Federated IAM System Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this course, you will:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eImplement modern Identity and Access Management (IAM) solutions to secure access to data\u003c\/li\u003e\n\u003cli\u003eBuild a robust Public Key Infrastructure (PKI) to manage enterprise trust\u003c\/li\u003e\n\u003cli\u003eSeamlessly implement Federation Identity Management (FIM) with ADFS\u003c\/li\u003e\n\u003cli\u003eExtend Single Sign-On (SSO) with Zero Trust Architecture (ZTA)\u003c\/li\u003e\n\u003cli\u003eEnhance Agentic AI and non-human actor authentication with certificates\u003c\/li\u003e\n\u003cli\u003eMap the entity divide of Workload Identity vs Workforce Identity\u003c\/li\u003e\n\u003cli\u003eManage identities among multiple account stores with MIM 2016\u003c\/li\u003e\n\u003cli\u003eApply a managed identity to Bring Your Own Device (BYOD)\u003c\/li\u003e\n\u003cli\u003eFormulate an IAM policy\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eFamiliarity with security issues at the level of Course 468, Introduction to Cybersecurity\u003c\/li\u003e\n\u003cli\u003eExperience with Windows operating system\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eIdentity and Access Management Course Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eFundamentals of Identity and Access Management \u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eIdentity and its theft\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eProtecting Access to Data with Quad of IAM\u003c\/li\u003e\n\u003cli\u003eMulti Factor Authentication (MFA) attacks\u003c\/li\u003e\n\u003cli\u003eSecure alternatives to “Death of the Password”\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecure Identity Lifecycle Management\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eMigrating to Trusted Platform Module (TPM) hardware\u003c\/li\u003e\n\u003cli\u003e\"Joiner-Mover-Leaver\"(JML) process\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImplementing Single Sign-On (SSO)\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eApplying Kerberos identities in a domain\u003c\/li\u003e\n\u003cli\u003eInteroperating via OIDC and SAML\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSelecting Identity Trust Models\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eCentralized vs Federated\u003c\/li\u003e\n\u003cli\u003eZero Trust Architecture (ZTA)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSurveying the impact of Agentic AI on IAM\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAI agent as a first-class identity and ephemeral credentials\u003c\/li\u003e\n\u003cli\u003eToken Exchange delegation chain\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eMapping and Synchronizing Identities\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eDiscovering identity stores\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eExploring identities in Kerberos tickets and AD attributes\u003c\/li\u003e\n\u003cli\u003eIdentifying identities in SQL databases\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDemystifying MIM 2016\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eImporting identities from Connected Data Source CDS into Connector Space CS\u003c\/li\u003e\n\u003cli\u003eSynchronizing identities into Metaverse MV\u003c\/li\u003e\n\u003cli\u003eManaging identities and rules with the SharePoint MIM Portal\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eImplementing Identities in an Enterprise PKI\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eInside PKI X.509 v3 certificates\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eExpiring identities with certificate lifetimes\u003c\/li\u003e\n\u003cli\u003eVerifying identities with Subject Alternative Name\u003c\/li\u003e\n\u003cli\u003eBinding identities to certificates\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eEstablishing trust via certificates\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eValidating trust with digital signatures\u003c\/li\u003e\n\u003cli\u003eCreating entity trust by importing a root CA\u003c\/li\u003e\n\u003cli\u003eFlowing trust with domain Group Policy Object GPO\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBuilding an enterprise Subordinate CA\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePublishing Certificate Revocation Lists (CRLs)\u003c\/li\u003e\n\u003cli\u003eAccessing directories with LDAP\u003c\/li\u003e\n\u003cli\u003eConfiguring Online Certificate Status Protocol OCSP\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eExpanding Trust with Federated Identity Management\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eFederating with Microsoft Active Directory Federation Services ADFS\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAuthenticating with a trusted Identity Provider IdP\u003c\/li\u003e\n\u003cli\u003eControlling access with claims\u003c\/li\u003e\n\u003cli\u003eVerifying SAML tokens with Relaying Party RP\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eCreating claims-aware applications\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eBuilding claims-aware applications with Windows Identity Foundation WIF\u003c\/li\u003e\n\u003cli\u003eAbstracting SAML, WS-Trust and WS-Federation protocols\u003c\/li\u003e\n\u003cli\u003eMigrating to Open ID Connect OIDC and Java Web Tokens JWT\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eTrusting external Identity Providers\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eExtending ADFS externally with Web Application Proxy WAP\u003c\/li\u003e\n\u003cli\u003eMapping external ADFS namespaces with split DNS\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModern Identity Architectures\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eEvolving Application Authentication\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eCustomer Identity and Access Management (CIAM)\u003c\/li\u003e\n\u003cli\u003eDecentralized authentication with Self-Sovereign Identity (SSI)\u003c\/li\u003e\n\u003cli\u003eZero Trust with Google Cloud Identity Aware Proxy IAP \u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eWorkforce Identity vs Workload Identity\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eExternal long-term keyed authentication vs short-lived OAuthToken\u003c\/li\u003e\n\u003cli\u003eCloud workforce federation with Bring Your Own Identity BYOID\u003c\/li\u003e\n\u003cli\u003eKubernetes IAM mapping tokens with Workload Identity\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eMobile Identity Management with BYOD\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eEnrolling mobile devices\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eJoining devices with Workplace Join\u003c\/li\u003e\n\u003cli\u003eEnacting Device Registration Services DRS\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003ePlanning a Federated Identity Roadmap\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAchieving the FICAM IdM vision\u003c\/li\u003e\n\u003cli\u003eCreating organizational identity management policy\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"267B28US \/ 2026-07-07T09:00:00 \/ Herndon, VA","offer_id":47534210154715,"sku":"US-2056-IL","price":1030.0,"currency_code":"USD","in_stock":true},{"title":"269C66US \/ 2026-09-01T09:00:00 \/ Herndon, VA","offer_id":48216585273563,"sku":"US-2056-IL","price":1030.0,"currency_code":"USD","in_stock":true},{"title":"26BC56US \/ 2026-11-03T09:00:00 \/ Herndon, VA","offer_id":48216585306331,"sku":"US-2056-IL","price":1030.0,"currency_code":"USD","in_stock":true},{"title":"271C37US \/ 2027-01-05T09:00:00 \/ Herndon, VA","offer_id":48216585339099,"sku":"US-2056-IL","price":1030.0,"currency_code":"USD","in_stock":true},{"title":"273B89US \/ 2027-03-02T09:00:00 \/ Herndon, VA","offer_id":48310906847451,"sku":"US-2056-IL","price":1030.0,"currency_code":"USD","in_stock":true},{"title":"275C37US \/ 2027-05-04T09:00:00 \/ Herndon, VA","offer_id":48738859581659,"sku":"US-2056-IL","price":1030.0,"currency_code":"USD","in_stock":true}],"url":"https:\/\/learningtreeinternational-dirinfosec-hhs.myshopify.com\/products\/identity-and-access-management-training","provider":"Learning Tree International","version":"1.0","type":"link"}